Date: Tue, 24 Jun 2003 19:31:21 -0400 From: Bill Moran <wmoran@potentialtech.com> To: adrian kok <adriankok2000@yahoo.com.hk> Cc: freebsd-questions@freebsd.org Subject: Re: snoop Message-ID: <3EF8DF49.2030205@potentialtech.com> In-Reply-To: <20030624183547.43952.qmail@web21201.mail.yahoo.com> References: <20030624183547.43952.qmail@web21201.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
adrian kok wrote: > Hi all > > Thank you for your reply > > If I install those software, does my server have > security problem? > > In my memory, I read a books before. > sth will make the network card to prismous mode and > there is security problem > > I am not sure about it. please teach me Promiscuous mode is a mode supported by most network cards where the card will pass all recieved traffic on to the network software. When not in promiscuous mode, the card only passes on network traffic that has it's MAC address as the destination or the broadcast MAC address. When in promiscuous mode, it is possible for anyone logged into that machine to monitor _all_ traffic on the network, since promiscuous mode is a hardware mode, and can't be set for individual users. However, it's no more dangerous than the user next to you being able to boot their machine off a CD and put _their_ card in promiscuous mode. Any packet monitoring software is going to have to put the card into promiscuous mode to do its work, so tcpdump isn't any more or less dangerous than any other. > > thank you again > > > --- Fernando Gleiser <fgleiser@cactus.fi.uba.ar> > wrote: > On Fri, 20 Jun 2003, adrian kok wrote: > >>>Hi all >>> >>>Do you know where I can get snoop to analysis the >>>traffic? >> >>If you mean Solaris' snoop, take a look at >>tcpdump(1). It's in the base >>system. You may also look at tcpshow (in the ports, >>net/tcpshow) for >>decoding tcpdump's output >> >> >> Fer >> > > > _______________________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > -- Bill Moran Potential Technologies http://www.potentialtech.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EF8DF49.2030205>